Halil Said CANKURTARAN, Ali BOYACI, Serhan YARKAN

Yan Kanal Saldırılarında Güç Analizi için Deneysel bir Altyapı

Yan kanal saldırıları, günümüzde bilginin gizliliğini, bütünlüğünü ve özgünlüğünü tehdit eden fakat fiziksel erişim gerekliliği yüzünden sıklıkla göz ardı edilen bir siber güvenlik tehdidi olarak sınıflandırılabilir. Her ne kadar göz ardı edilseler de yeni saldırı yöntemlerinin ve önlemlerin literatüre sunuluyor olması, yan kanal saldırılarının önemini koruduğunu göstermektedir. Ne yazık ki, ölçüm düzeneklerinin betimlemesinin ve çevresel değişkenlerin olumsuz etkilerinin açıklamasının yayınlarda genellikle ihmal edildiği gözlemlenmektedir. Bu açığı kapatabilmek amacıyla güç analizi saldırılarında kullanılabilecek bir ölçüm düzeneği, araştırmacıların ölçüm düzeneğinde karşılaşabileceği olası sorunlar ve çözüm yöntemleri bu makalede sunulmuştur. Ek olarak, çevresel etkenlerin önemini vurgulamak ve yüksek güçlü karıştırıcıların, saldırıların performansını etkileyebileceğini göstermek amacı ile ölçüm düzeneğinin yakınlarında çalışan bir işaret üretecinin sebep olduğu girişim deneysel olarak gösterilmiştir.

Anahtar Kelimeler:

Yan kanal saldırıları, güç analizi, ölçüm, girişim, altyapı

An Experimental Framework for Power Analysis for Side-channel Attacks

Side-channel attacks can be classified as cybersecurity threats that risk the confidentiality, integrity, and authenticity of the information. However, they are often overlooked by developers, manufacturers, and maintainers since adversaries need to access devices physically most of the time. Although they are usually ignored, the development of novel attack methods and countermeasures show that side-channel attacks maintain their importance in cybersecurity. Unfortunately, although advanced analysis methods are presented in detail, the discussion of measurement campaigns and the negative effects of environmental parameters are usually omitted in the articles. In order to close this gap, a measurement campaign that can be used in power analysis side-channel attacks, possibleproblems thatresearchers may encounter during measurements, and their solution methods are presented in this article. In addition, interference caused by a signal generator operating in the same environment has been experimentally demonstrated to show that dedicated jammers can significantly affect the performance of analysis methods

Keywords:

Side-channel attacks, power analysis, measurement, interference, framework,

PDF

___

[1] B. Che, C. Gao, R. Ma, X. Zheng, and W. Yang, “Covert wireless communication in multichannel systems,” IEEE Wireless Communications Letters, vol. 11, no. 9, pp. 1790–1794, 2022.
[2] Z. Wang, X. Zhu, S. Jeloka, B. Cline, and W. D. Lu, “Physical unclonable function systems based on pattern transfer of fingerprint like patterns,” IEEE Electron Device Letters, vol. 43, no. 4, pp. 655–658, 2022.
[3] W. Duo, M. Zhou, and A. Abusorrah, “A survey of cyber attacks on cyber physical systems: Recent advances and challenges,” IEEE/CAA Journal of Automatica Sinica, vol. 9, no. 5, pp. 784–800, 2022.
[4] R. Yegireddi and R. K. Kumar, “A survey on conventional encryption algorithms of Cryptography,” in 2016 International Conference on ICT in Business Industry & Government (ICTBIG). IEEE, 2016, pp. 1–4.
[5] R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Commun. ACM, vol. 21, no. 2, p. 120–126, feb 1978. [Online]. Available: https://doi.org/10.1145/359340.359342
[6] M. Randolph and W. Diehl, “Power sidechannel attack analysis: A review of 20 years of study for the layman,” Cryptography, vol. 4, pp. 1–33, 6 2020.
[7] Y.-I. Hayashi, N. Homma, T. Mizuki, T. Aoki, H. Sone, L. Sauvage, and J.-L. Danger, “Analysis of Electromagnetic Information Leakage From Cryptographic Devices With Different Physical Structures,” IEEE Transactions on Electromagnetic Compatibility, vol. 55, no. 3, pp. 571–580, jun 2013.
[8] T. Kim and Y. Shin, “Thermalbleed: A practical thermal side-channel attack,” IEEE Access, vol. 10, pp. 1–1, 2022.
[9] P. Kocher, J. Jaffe, and B. Jun, “Differential Power Analysis,” in Advances in Cryptology — CRYPTO’ 99, M. Wiener, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 1999, pp. 388–397.
[10] P. C. Kocher, “Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems,” in Advances in Cryptology — CRYPTO ’96, N. Koblitz, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 1996, pp. 104–113.
[11] M. Jurecek, J. Bucek, and R. Lórencz, “Sidechannel attack on the a5/1 stream cipher,” in 2019 22nd Euromicro Conference on Digital System Design (DSD), 2019, pp. 633–638.
[12] S. Ghandali, S. Ghandali, and S. Tehranipoor, “Deep k-tsvm: A novel profiled power sidechannel attack on aes-128,” IEEE Access, vol. 9, pp. 136 448–136 458, 2021.
[13] N.-T. Do, V.-P. Hoang, and C.-K. Pham, “Low Complexity Correlation Power Analysis by Combining Power Trace Biasing and Correlation Distribution Techniques,” IEEE Access, vol. 10, pp. 17 578–17 589, 2022.
[14] A. Jia, W. Yang, and G. Zhang, “Side channel leakage alignment based on longest common subsequence,” in 2020 IEEE 14th International Conference on Big Data Science and Engineering (BigDataSE), 2020, pp. 130–137.
[15] P. Kashyap, F. Aydin, S. Potluri, P. D. Franzon, and A. Aysu, “2deep: Enhancing side-channel attacks on lattice-based key-exchange via 2-d deep learning,” IEEE Transactions on Computer Aided Design of Integrated Circuits and Systems, vol. 40, no. 6, pp. 1217–1229, 2021.
[16] A. Calder, NIST Cybersecurity Framework - A PocketGuide. ITGovernancePublishing, 2018.
[17] ISO/IEC 17825:2016, “Information technology — security techniques — testing methods for the mitigation of non-invasive attack classes against cryptographic modules,” 2016. [18] FIPS 140-3, “Security requirements for cryptographic modules,” 2019.
[19] A. G. Bayrak, F. Regazzoni, D. Novo, P. Brisk, F.-X. Standaert, and P. Ienne, “Automatic Application of Power Analysis Countermeasures,” IEEE Transactions on Computers, vol. 64, no. 2, pp. 329– 341, feb 2015.
[20] D. Das, M. Nath, B. Chatterjee, S. Ghosh, and S. Sen, “Stellar: A generic em side-channel attack protection through ground-up root-cause analysis,” in 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2019, pp. 11–20.
[21] R. Bodduna, V. Ganesan, P. SLPSK, K. Veezhinathan, and C. Rebeiro, “Brutus: Refuting the security claims of the cache timing randomization countermeasure proposed in ceaser,” IEEE Computer Architecture Letters, vol. 19, no. 1, pp. 9–12, 2020.
[22] SCPI Consortium, “Standard commands for programmable instruments (scpi),” Available at https://www.ivifoundation.org/docs/ scpi-99.pdf (2022/09/18).
[23] C. O’Flynn and Z. D. Chen, “Chipwhisperer: An open-source platform for hardware embedded security research,” in Constructive Side-Channel Analysis and Secure Design, E. Prouff, Ed. Cham: Springer International Publishing, 2014, pp. 243–260.